UNC530
Published 21/12/2025 05:36 · Modified 21/12/2025 05:36 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 05:36
- Modified: 21/12/2025 05:36
- Updated at: 21/12/2025 05:36
- Revoked: No
- Author / Source: AlienVault
- Resource level: not specified
- Primary motivation: not specified
- Related entities: 1 report, 11 attack patterns (MITRE), 1 country, 93 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 11 MITREs, 102 Observables, 1 APT
Attack patterns (MITRE) (11)
- T1027: Obfuscated Files or Information (uses)
- T1036.004: Masquerade Task or Service (uses)
- T1219: Remote Access Tools (uses)
- T1197: BITS Jobs (uses)
- T1105: Ingress Tool Transfer (uses)
- T1059.007: JavaScript (uses)
- T1059.001: PowerShell (uses)
- T1204.002: Malicious File (uses)
- T1071.001: Web Protocols (uses)
- T1560.001: Archive via Utility (uses)
- T1036.005: Match Legitimate Resource Name or Location (uses)
Countries (1)
- Ukraine (targets)
Indicators (93)